Skip to main content

Understanding Nessus Reports

More
20 years 10 months ago #2661 by sahirh
Part III of Securityfocus' review of Nessus - the free, open source vulnerability scanner, is complete. Article one was an introduction to Nessus, article two dealt with the best way to conduct a vulnerability scan, and article three deals with understanding the reports.

Very nicely covered.

Heres the link

www.securityfocus.com/infocus/1759

Sahir Hidayatullah.
Firewall.cx Staff - Associate Editor & Security Advisor
tftfotw.blogspot.com
More
20 years 10 months ago #2662 by tfs
Oh, come on!!!

You only like it because it runs on Unix. :lol:

Really, though - it looks pretty good. I might try it as my first program on my long ago seen Linux machine, sitting in the corner.

Thanks,

Tom
More
20 years 10 months ago #2664 by sahirh
Actually the nicest bit about it is the client-server architecture.. you just leave the scanning engine running on a *nix box, and you can request scans from the windows client. Its absolutely one of the shining stars of the open-source community.. most people prefer it to its commercial equivalents, and it comes across as a very well finished product. Plus the ease with which you can update its plugins (or write your own) is amazing..

No wonder 1854 people voted it the top network security tool of 2003 over here:
www.insecure.org/tools.html

If you look at the rest of that (incredible) list, you'll see it keeps some pretty distinguished company.

Sahir Hidayatullah.
Firewall.cx Staff - Associate Editor & Security Advisor
tftfotw.blogspot.com
More
20 years 9 months ago #2880 by Firewall
Nessus is one of the greatest products out there, along with MRTG. The reason why it is great.... We all contribute to builting it, it is total open and not tied down to a vendor, like some of the commerical products out there.

As Sahrih said, the beauty about it is its Client / Server ability. I have a Nessus server sitting there and no matter where I am I can connect to it and run tests, so I can demonstrate IDS and watch the audience faces as they can see "normal" Internet activity. They soon buy my services :)

Just my pennies worth....

Security is for Life.... Not just for Christmas.
More
20 years 9 months ago #2889 by sahirh
Hehe nice signature ..
And while on the topic of great open source security software.. lets not forget our little friends Nmap ( www.insecure.org/nmap ) and Snort ( www.snort.org )

Sahir Hidayatullah.
Firewall.cx Staff - Associate Editor & Security Advisor
tftfotw.blogspot.com
Time to create page: 0.143 seconds